TsgcHTTP_OAuth2_Server › Methods › RemoveTokenByRefreshToken
Revokes the token pair identified by its refresh token value.
function RemoveTokenByRefreshToken(const aRefreshToken: string): Boolean;| Name | Type | Description |
|---|---|---|
aRefreshToken | const string | The refresh token whose associated token pair (access + refresh) should be removed from the server store. |
Returns True when a matching refresh token is found and the related entry is removed; False when no matching token exists. (Boolean)
Convenient when handling revocation requests that only carry the refresh token (per RFC 7009). Equivalent to RemoveToken but looks up the entry by refresh token instead of access token.
// Revoke a token pair when only the refresh_token is available
OAuth2.RemoveTokenByRefreshToken('def456refreshtoken');